The following describes how to install syslog-ng PE in a Docker container. The following operating systems are supported:
-
CentOS 7
-
RedHat EL 7.5
-
Ubuntu 18.04 LTS (Bionic Beaver)
To install syslog-ng PE in a Docker container
-
Start Docker. Use the command appropriate for you platform:
-
docker run -d -p <network-ports-forwarded-to-docker> -v <directories-to-be-mounted> --name syslog-ng-in-docker centos:7
-
docker run -d -p <network-ports-forwarded-to-docker> -v <directories-to-be-mounted> --name syslog-ng-in-docker registry.access.redhat.com/rhel-7.5-s390x
-
docker run -d -p <network-ports-forwarded-to-docker> -v <directories-to-be-mounted> --name syslog-ng-in-docker ubuntu:18.04
For example, to forward port 514 and mount the etc and var directories on RedHat, use the following command: docker run -d -p 514:514 -v /root/docker/etc/:/opt/syslog-ng/etc -v /root/docker/var:/opt/syslog-ng/var --name syslog-ng-in-docker registry.access.redhat.com/rhel-7.5-s390x
Note the following points:
-
Forward all ports to Docker that you want to receive messages from in your syslog-ng PE configuration.
-
The previous example mounts the etc and var directories from outside the docker container. That way you can edit the syslog-ng PE configuration file outside the container, and the syslog-ng PE persist file will not be deleted if you delete and recreate the docker container.
-
Do not mount the same var directory for multiple docker containers.
-
Make sure that the syslog-ng PE running in the docker container has permissions to read the configuration file, and read and write permissions for the var directory.
-
If you want to read the logs of the host from /dev/log, mount it into the Docker container. Note that only a single syslog-ng PE instance can read /dev/log at the same time. Do not mount the same /dev/log for multiple syslog-ng PE instances.
-
-
Download the syslog-ng PE .run installation package from Downloads page.
-
Install syslog-ng PE in the Docker container. (Since there is no service management (systemd) in the docker container, the registration and start of the syslog-ng PE service is disabled.)
docker exec -it syslog-ng-in-docker /bin/bash
syslog-ng-premium-edition-7.0.29-linux-glibc2.11-amd64.run -- --accept-eula --silent --no-register
-
(Optional Step) If you want to use any features of syslog-ng PE that require external packages (for example, Java or Python-based destinations), install the required packages manually in the Docker container (for example, Java or Python).
-
Start syslog-ng PE.
docker exec -i syslog-ng-in-docker /opt/syslog-ng/sbin/syslog-ng <-optional-command-line-parameters-of-syslog-ng>
For the list of available command-line parameters, see the syslog-ng.8 manual page.
Start, reload, stop syslog-ng PE in a Docker container
To start syslog-ng PE, issue the following command in the Docker container.
docker exec -i syslog-ng-in-docker /opt/syslog-ng/sbin/syslog-ng <-optional-command-line-parameters-of-syslog-ng>
To reload syslog-ng PE, issue the following command in the Docker container.
docker exec -i syslog-ng-in-docker /opt/syslog-ng/sbin/syslog-ng-ctl reload
To stop syslog-ng PE, issue the following command in the Docker container.
docker exec -i syslog-ng-in-docker /opt/syslog-ng/sbin/syslog-ng-ctl stop
Upgrading syslog-ng PE running in a Docker container
To upgrade a syslog-ng PE instance that is running in a Docker container
-
Download the new syslog-ng PE .run installation package from Downloads page.
-
Upgrade syslog-ng PE in the Docker container.
docker exec -it syslog-ng-in-docker /bin/bash
syslog-ng-premium-edition-7.0.29-linux-glibc2.11-amd64.run -- --accept-eula --silent --no-register --upgrade
-
Start syslog-ng PE.
docker exec -i syslog-ng-in-docker /opt/syslog-ng/sbin/syslog-ng <-optional-command-line-parameters-of-syslog-ng>
For the list of available command-line parameters, see the syslog-ng.8 manual page.